Protection for Mobile Network Signaling

Securing SCTP, GTP, Diameter, SIP, DNS and "Internet Stack" for 4G/5G

The Need for Control Plane (Signaling) Security

The mobile network's ability to provide services and drive innovation is dependent on its ability to safeguard both the availability and integrity of its control plane. The need to secure core signaling protocols, interfaces, and reference points has always been crucial and will only increase in its criticality with 5G. Innovative new functionalities and services are completely dependent on the ability to instantiate and orchestrate on-demand services, service chains, and complex ecosystems at both the core and the edge of mobile networks. The following main signaling protocols play a major role in 4G and some 5G control-plane operations:

Domain Name System (DNS): Not a signaling protocol, but DNS is a foundational element of any carrier network and key for the operation of the network.

From 4G to 5G Signaling - From Protocols to API Calls

5G introduces a fundamental change in core signaling with the move from a point-to-point, monolithic signaling protocol architecture to a service bus architecture (BSA). This facilitates agility and flexibility in network functions and services deployment and availability as outlined below:

5G's uniform protocol stack is based on Internet stack with the replacement of core signaling protocols such as SCTP by TCP or Diameter by HTTP/2. According to this ENISA report, the use of common "Internet" protocols like HTTP and TLS, as well as REST APIs will create a situation where "the grace period between vulnerability discovery and real exploitation will become much shorter compared to SS7 and Diameter." It’s clear that 5G deployments will leverage security capabilities in the Internet realm with the given latency, scale, and automation required by carrier and mobile operators.

FortiGate signaling and Internet security features can be implemented as a PNF with high availability (HA) and the highest proven scalability. Fortinet’s custom security processors provide hardware acceleration to meet today and tomorrow’s traffic and session volume with minimum latency and very high performance.